Load balancing on Google Cloud Platform (GCP) is different from other cloud providers. The primary difference is that Google uses forwarding rules instead of routing instances. These forwarding rules are combined with backend services, target pools, URL maps and target proxies to construct a functional load balancer across multiple regions and instance groups.

Terraform is an open source infrastructure management tool that can greatly simplify the provisioning of load balancers on GCP by using modules.

This tutorial will demonstrate how to use the GCP Terraform modules for load balancing in a variety of scenarios that you can build into your own projects.

Objectives

Learn about the load balancing modules for Terraform.

Create a regional TCP load balancer.

Create a regional internal TCP load balancer.

Create a global HTTP load balancer with Kubernetes Engine.

Create a global HTTPS content-based load balancer.

Before you begin

This tutorial assumes you already have a GCP account and are familiar with the high level concepts of Terraform and Load Balancing on GCP.

Costs

Terraform modules overview

terraform-google-lb (regional forwarding rule)

This module creates a TCP Network Load Balancer for regional load balancing across a managed instance group. You provide a reference to a managed instance group and the module adds it to a target pool. A regional forwarding rule is created to forward traffic to healthy instances in the target pool.

terraform-google-lb-internal (regional internal forwarding rule)

This module creates an internal load balancer for regional load balancing of internal resources. You provide a reference to the managed instance group and the module adds it to a regional backend service. An internal forwarding rule is created to forward traffic to healthy instances.

Download and configure Terraform

This script creates a bash function for the terraform command that runs the latest version of Terraform using a Docker container. You can also install it locally if don't want to use Docker.

If you aren't using Cloud Shell, this tutorial uses the default application credentials for Terraform authentication to GCP. Run the following command first to obtain the default credentials for your project.

gcloud auth application-default login

TCP load balancer with regional forwarding rule

This example creates a managed instance group with two instances in the same region and a network TCP load balancer.

Refresh a few times to observe traffic being balanced across the two instances in the us-central1 region.

When finished, clean up the example by running terraform destroy and change back to the parent directory:

terraform destroy
cd ..

Internal TCP load balancer with regional forwarding rule

This example creates three instance groups. The first group is in us-central1-b and uses the internal load balancer to proxy access to services running in instance groups two and three which exist in us-central1-c and us-central1-f respectively. A regional TCP load balancer is also used to forward external traffic to the instances in group one.

Open the external IP again and verify you see traffic from the other group:

echo "open http://${EXTERNAL_IP}"

In a new browser tab, open the link displayed in the terminal.

When finished, clean up the example by running terraform destroy and change back to the parent directory:

terraform destroy
cd ..

Global content-based HTTP(S) load balancer

This example creates an HTTPS load balancer to forward traffic to a custom URL map. The URL map sends traffic to the region closest to you with static assets being served from a Cloud Storage bucket. The TLS key and certificate is generated by Terraform using the TLS provider.

Related Tutorials

Submit a Tutorial

Request a Tutorial

GCP Tutorials

Beta: Community Contributed Tutorials is a Beta release. This feature is not covered by any SLA or deprecation policy and may be subject to backward-incompatible changes.
Except as otherwise noted, the content of this page is licensed under the
Creative Commons Attribution 4.0 License, and code samples are licensed under the
Apache 2.0 License. For details, see our
Site Policies. Java is a registered trademark of Oracle and/or its affiliates.